Tuesday, July 25, 2023 | |||
---|---|---|---|
MOVEit and lose it? Analysis of a mega-attack | The Clop ransomware gang's exploitation of MOVEit file transfer software is shaping up to be one of the biggest ransomware attack campaigns of 2023. This session will investigate the latest developments and intelligence around this ongoing malicious campaign, as well as analyze the key security lessons that organizations should take to heart. | Laurie Iacono - Kroll | |
When ransomware strikes: The impact of ransomware in operational technology environments | Over the past five years, Dragos has observed an increase in ransomware used against industrial control systems (ICS) and operational technology (OT) environments. ICS/OT environments present significant risks to not only business operations, but risks to personal and environmental safety as well. Since industrial infrastructure plays a crucial role in daily life, understanding the threat landscape and how to defend your ICS/OT environment from ransomware is more important than ever. Join Dragos' Director of OT-CERT, Dawn Cappelli, for an insightful discussion with Abdul Alamri, Senior Adversary Hunter, and Jim Gilsinn, Principal Industrial Consultant, about the growing ransomware problem and what to do about it. In this session, When Ransomware Strikes: The Impact of Ransomware in Operational Technology Environments, we’ll explore ransomware group activity and trends, as well as how to prepare for and respond to a ransomware attack in an ICS/OT environment. Join us and learn: • The current state of ransomware and its impact on ICS/OT across critical industries. | Dawn Cappelli - Dragos, | |
Ransomware crisis communications: How to calm the storm, not compound it | A ransomware attack has disrupted your company's operations and endangered your employees' and customers' personal information. How do you disclose these concerning developments to the public tactfully and responsibly, while minimizing your risk of legal liability or misattribution? This session will demonstrate how to conduct ransomware crisis communications properly, using anonymized real-life examples of both good and bad attack disclosures. | Dave Oates - PR Security Service | |
BREAK | |||
Operation borderland | In the dynamic world of cybersecurity, attackers hold a significant advantage over defenders. Their task is relatively simpler: they only need to succeed once to achieve their objective, while defenders face the daunting challenge of being right every single time. Within the hostile and uncertain realm of cyberspace, where the stakes are high and code can be used as a weapon of mass destruction, the need for robust security measures is paramount. It is essential to recognize that investing in mere widgets or off-the-shelf solutions is insufficient to combat the persistent breaches and attacks that plague our digital landscape. Lastly, we will examine Operation Borderland, an innovative ransomware implant developed by AssetXero, which takes advantage of Endpoint Protection Platform (EPP) systems that do not employ zero trust inspection. By shedding light on this real-world example, we hope to emphasize the pressing need for organizations to adopt zero trust principles in their security strategies to stay one step ahead of determined adversaries. Together, let us navigate the intricate landscape of cybersecurity, learning from recent developments, and understanding the significance of zero trust in safeguarding our digital assets. | Chris Ritchart - Check Point Software Technologies Bryan Neilson - Check Point Software Technologies | |
Fending off Goliath: How SMBs can repel the giant ransomware threat | It's not a fair fight. Small- and medium-sized businesses often don't have the in-house resources and expertise to match the tenaciousness and craftiness of ransomware groups. Still, there are key steps organizations of all sizes can realistically take that can sharply reduce the risk of a devastating cyberattack. This session will reveal how SMBs can give themselves a puncher's chance through automated blocking, monitoring and detection, security awareness training, threat intelligence and incident/disaster response planning. | Shane Skidgel - U.S. Payments | |
Wednesday, July 26, 2023 | |||
Recruiting AI into your anti-ransomware strategy | Despite the fears surrounding its potential misuse, artificial intelligence holds a lot of promise for cyber professionals looking to defend their networks against ransomware threats. Watch this session to learn the latest on how AI can be applied toward businesses' anti-ransomware efforts. | Vahid Behzadan - University of New Haven | |
How to measure and mitigate Active Directory cybersecurity risk | For most organizations, Active Directory (AD) is the key to identity and access management, which means it is vital that it stays operational and secure. Unfortunately, AD faces a surplus of risks every single day. Whether from ever-frequent cyber and ransomware attacks or critical misconfigurations, effective AD cybersecurity risk management can be a daunting endeavor. | Matthew Vinton - Quest Software | |
BREAK | |||
Stopping ransomware before it’s too late | If you detect pre-ransomware activity early, you can stop an attack before it hurts your business. But detecting and responding to that activity is not straightforward–it requires specific data pipelines, people, processes, and technology, all of which need to be validated on a continuous basis. Red Canary protects its nearly 1,000 customers from ransomware so that they can focus on their missions. Join Alex Spiliotes, Senior Manager at Red Canary, to learn about relevant threat trends and both strategies and tactics for preventing, detecting, and responding to ransomware. | Alex Spiliotes - Red Canary | |
Former Fed Roundtable: DOJ alumni debate the latest crackdowns on cybercrime | This panel will feature a trio of former law enforcement members who now operate in the law sector, serving as cyber legal experts. In this session, the three former Feds will analyze the impact of law enforcement's recent takedowns of key ransomware groups, as well as reveal the latest, evolved tactics of cybercriminal extortion groups that continue to operate. | Timothy Gallagher - Nardello & Co Ed McAndrew - BakerHostetler |